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DETAILED ACTION 

1 . Claims 1-66 are pending in this application and presented for examination. 

Specification Objections 

2. The specification is objected to because the following informalities: 

• "Motorola", "Intel", "PowerPC", "Apple", cited in [0002], are registered 
trademarks 

• "Connectix", cited in [0006], line 6, is a registered trademark 

• "IA32", "AMD", "Pentium", "Athlon", cited in [0007], are registered 
trademarks 

* 

• "IBM", "Amdahl", cited in [0007], are registered trademarks 

• "However, the description itself is not intended to limit the scope of this 
patent." cited in [0022], Line 2, should be corrected as "However, the 
description itself is not intended to limit the scope of this patent 
application ." 

* 

Appropriate correction is required (See MPEP § 608.01(b)) 



Claim Objections 

3. Claims 54 and 63 are objected to because the following informalities: 
• "identity for the central processing unit.", claim 54, line 3, should be 
corrected "identity for the central processing unit" 
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• "an identity for the central processing unit; and", claim 63, line 5, 
should be corrected "an identity for the central processing unit; and" 

Appropriate correction is required. 

Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, 
manufacture, or composition of matter, or any new and useful improvement 
thereof, may obtain a patent therefor, subject to the conditions and requirements 
of this title. 

4. Claims 52-64 are rejected under 35 U.S.C 101 because the claims are 
directed to non-statutory subject matter. 

5. As to claim 52, a "computer-readable medium" is being cited, line 1, to 
include transmission media, light waves, a carrier wave etc., cited in [0079], lines 
1-3 in the specifications; the claim is directed to a computer program product 
encoding a computer program. However, Applicant defines "computer-readable 
medium" to include "a computer data signal embodied in a carrier wave". Signals 
and carrier waves do not fall within any class of statutory subject matter, and thus 
the claim is not limited to statutory subject matter. Please see Interim Guidelines 
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for Examination of Patent Applications for Patent Subject Matter Eligibility (1300 
OG 142), Annex IV, Section (C) for details. 

6. As to claims 53-64, they do not cure the deficiency of base claim 52, and 
also are rejected under 35 U.S.C. 101 as set forth above. 

i 

Claim Rejections - 35 USC § 102(b) 

7. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 
102(b) that form the basis for the rejections under this section made in this office 
action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in 
public use or on sale in this country, more than one year prior to the date of application for patent in 
the United States. 

8. Claims 1-4, 18-21, 29, 34-37, 52, 57-60, and 65 are rejected under 35 
U.S.C. 102(b) as being anticipated by J. S. Robin (Analyzing the Intel Pentium's 
Capability to Support a Secure Virtual Machine Monitor, pp. 1-98, Sep., 1999, 
Naval Postgraduate School, Monterey, California) (hereinafter 'Robin 1 ) 

9. As to claim 1 (original), Robin discloses a method for improving 
processor virtualization in x86 processor architectures and their equivalents, 
including but not limited to the IA32 architecture, said method comprising 
removing, replacing, or supplementing one or more predefined instructions in a 
guest operating system that adversely affect virtualization for a virtual machine 



w 

V. 

' Application/Control Number: 10/685,051 Page 5 

Art Unit: 2192 

operating on an x86 processor (Abstract, Lines 1-2 - the problem of 
implementing secure virtual machine monitors (VMM) on the Intel Pentium 
architecture, 6-8 - several techniques are presented that allow the Intel 
architecture to support a "virtual VMM"; Sec. 2 of Characteristic and Layers of a 
VMM, 3 rd Para. - instructions which can not be executed directly by the real 
processor are interpreted by the VMM). 

10. As to claim 29 (original), Robin discloses a system for processing 
synthetic instructions on x86 processor architectures and their equivalents, 
including but not limited to the IA32 architecture, said system comprising a 
subsystem for trapping said synthetic instructions issued by a guest operating 
system after said synthetic instructions cause an exception in the x86 processor; 
and a subsystem for processing said synthetic instructions for the guest 
operating system (i.e. P. 5, Sec. 3 - Logical VMM Modules - A VMM normally 
has three generic types of modules: dispatcher, allocator, and interpreter; A jump 
to the dispatcher is placed in every location to which the machine traps. The 
dispatcher then decides which of its modules to call when the machine traps; For 
example, if a VM tries to execute a privileged instruction that would change the 
resources of the VM's environment, the VM will trap to the VMM dispatcher. The 
dispatcher will handle the trap by invoking the allocator that performs the 
requested resource allocation according to VMM policy. The final module type is 
an interpreter. Each privileged instruction will have an interpreter module that is 
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called by the dispatcher to simulate the effect of the instruction that caused the 
trap). 

11. As to claim 52 (original), Robin discloses a computer-readable medium 
comprising computer-readable instructions for improving processor vi realization 
in x86 processor architectures and their equivalents, including but not limited to 
the IA32 architecture, said computer-readable instructions comprising synthetic 
instruction that causes an exception in the x86 processor that is then trapped by 
a virtual machine monitor running on said x86 processor for processing by said 
virtual machine monitor (i.e. P. 5, Sec. 3 - Logical VMM Modules - A VMM 
normally has three generic types of modules: dispatcher, allocator, and 
interpreter; A jump to the dispatcher is placed in every location to which the 
machine traps. The dispatcher then decides which of its modules to call when the 
machine traps; For example, if a VM tries to execute a privileged instruction that 
would change the resources of the VM's environment, the VM will trap to the 
VMM dispatcher. The dispatcher will handle the trap by invoking the allocator that 
performs the requested resource allocation according to VMM policy. The final 
module type is an interpreter. Each privileged instruction will have an interpreter 
module that is called by the dispatcher to simulate the effect of the instruction 
that caused the trap). 

12. As to claim 65 (currently amended), Robin discloses a system for 
processing synthetic instructions when executing on x86 processor architectures 
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and their equivalents, including but not limited to the IA32 architecture, said 
system comprising removing, replacing, or supplementing instances of one or 
more of the following predefined instructions in the guest operating system: 
PUSH CS, PUSH SS (P. 24, Sec. 3 - PUSH Instruction, Lines 1-5 -this can not 
be allowed because bits 0 and 1 of the CS and SS register contain the CPL of 
the current executing task), MOV from SS (P. 26, Sec. 5 - STR Instruction, 2 nd 
Para. - this is a problem because the CS and SS registers both contain the CPL 
in bits 0 and 1 . therefore, a task could store the CS or SS in a general-purpose 
register and examine the contents of that register to find that is not operating at 
the correct privilege level), CALLF (P. 24, Sec. 4 - CALL, JMP, INT n, RET 
Instructions, 1 st Para - task switches and far calls to different privilege levels are 
problems because they involve the CPL, DPL, and RPL of the Intel protection 
system), VERR, VERW, and LAR (P. 23, Sec. 1 - LAR, LSL, VERR, VERW 
Instructions, the LAR instruction loads access rights from a segment descriptor 
into a general purpose register; the VERR and VERW instructions verify whether 
a code or data segment is readable or writable from the current privilege level. 
The problem with these instructions is that they all perform the following check 
during their execution: (CPL > DPL) or (RPL > DPL); this conditional checks to 
ensure that the current privilege level and the requested privilege level are both 
greater than the descriptor privilege level. This is a problem because a VM 
normally does not execute at the highest CPL). 



« 
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13. As to claim 2 (original) (incorporating the rejection in claim 1), Robin 
discloses the method wherein said one or more instructions, include a member of 
the following group of instructions: PUSH CS, PUSH SS (P. 24, Sec. 3 - PUSH 
Instruction, Lines 1-5 - this can not be allowed because bits 0 and 1 of the CS 
and SS register contain the CPL of the current executing task), MOV from SS (P. 
26, Sec. 5 - STR Instruction, 2 nd Para. - this is a problem because the CS and 
SS registers both contain the CPL in bits 0 and 1 . therefore, a task could store 
the CS or SS in a general-purpose register and examine the contents of that 
register to find that is not operating at the correct privilege level), CALLF (P. 24, 
Sec. 4 - CALL, JMP, INT n, RET Instructions, 1 st Para - task switches and far 
calls to different privilege levels are problems because they involve the CPL, 
DPL, and RPL of the Intel protection system), VERR, VERW, and LAR (P. 23, 
Sec. 1 - LAR, LSL, VERR, VERW Instructions, the LAR instruction loads access 
rights from a segment descriptor into a general purpose register; the VERR and 
VERW instructions verify whether a code or data segment is readable or writable 
from the current privilege level. The problem with these instructions is that they 
all perform the following check during their execution: (CPL > DPL) or (RPL > 
DPL); this conditional checks to ensure that the current privilege level and the 
requested privilege level are both greater than the descriptor privilege level. This 
is a problem because a VM normally does not execute at the highest CPL). 

14. As to claim 3 (original) (incorporating the rejection in claim 1), Robin 
discloses the method wherein an instruction that adversely affects virtualization 
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on an x86 processor is either replaced with or supplemented by a synthetic 
instruction that causes an exception in the x86 processor that is then trapped by 
a virtual machine running on said x86 processor for processing by said virtual 
machine (i.e. P. 5, Sec. 3 - Logical VMM Modules - A VMM normally has three 
generic types of modules: dispatcher, allocator, and interpreter; A jump to the 
dispatcher is placed in every location to which the machine traps. The dispatcher 
then decides which of its modules to call when the machine traps; For example, if 
a VM tries to execute a privileged instruction that would change the resources of 
the VM's environment, the VM will trap to the VMM dispatcher. The dispatcher 
will handle the trap by invoking the allocator that performs the requested 
resource allocation according to VMM policy. The final module type is an 
interpreter. Each privileged instruction will have an interpreter module that is 
called by the dispatcher to simulate the effect of the instruction that caused the 
trap). 

* 

15. As to claim 4 (original) (incorporating the rejection in claim 3), Robin 
discloses the method wherein, for a first virtual machine running on a second 
virtual machine, an instruction that is either replaced with or supplemented by a 

■ 

synthetic instruction to cause an exception in the x86 processor that is then 
trapped by said first virtual machine running on said x86 processor for processing 
by said virtual machine by effectively by-passing said second virtual machine (i.e. 
P. 5, Sec. 2 - Characteristic and Layers of a VMM, 4 th Para. - some virtual 

* 

machines exhibit the recursion property. This means that is possible to run a 



V. 

* 

V' ' Application/Control Number: 10/685,051 Page 10 

Art Unit: 2192 

VMM inside of a VM, producing a new level of virtual machines; P. 5, Sec. 3 - 
Logical VMM Modules - A VMM normally has three generic types of modules: 
dispatcher, allocator, and interpreter; A jump to the dispatcher is placed in every 
location to which the machine traps. The dispatcher then decides which of its 
modules to call when the machine traps; For example, if a VM tries to execute a 
privileged instruction that would change the resources of the VM's environment, 
the VM will trap to the VMM dispatcher. The dispatcher will handle the trap by 
invoking the allocator that performs the requested resource allocation according 
to VMM policy. The final module type is an interpreter. Each privileged instruction 
will have an interpreter module that is called by the dispatcher to simulate the 
effect of the instruction that caused the trap). 

16. As to claim 18 (original) (incorporating the rejection in claim 3), Robin 
discloses the method wherein an SGDT instruction in the guest operating system 
is replaced with a synthetic instruction (e.g., VMSGDT) that stores a current GDT 
base and length to EAX (P. 19-20, Sec. 1 - SGDT, SIDT, and SLDT Instructions, 
1 st Para. - 2 nd Para., the GDT and LDT contain segment descriptors that provide 
the base address, access rights, type, length, and usage information for each 
segment; the interrupt descriptor table (IDT) is similar to the GDT and LDT, but it 
holds gate descriptors that provide access to interrupt and exception handlers; 
All three of these instructions (SGDT, SLDT, SIDT) store a special register value 
into some location. The SGDT instruction stores the contents of GDTR in a 6- 
byte memory location; the SLDT instruction stores the segment selector from the 
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LDTR in a 16- or 32-bit general-purpose register or memory location; The SIDT 
instruction stores the contents of IDTR in a 6-byte memory location; these 

♦ 

instructions are normally only used by operating systems but are not privileged in 
the Intel architecture. Since the Intel processor only has one LDTR, IDTR, and 
GDTR, a problem arises when multiple operating systems try to use the same 
registers. If an OS in a VM uses SGDT, SLDT, or SIDT to reference the contents 
of the IDTR, LDTR, or GDTR, the register contents that are applicable to the host 
OS or Type I VMM will be given. This could cause a problem if an operating 
system of a virtual machine (VMOS) tries to use these values for its own 
operations since they are what the VMOS expect. Therefore, a Type 1 VMM or 
Type II VMM must provide each VM with its own virtual set of IDTR, LDTR, and 
GDTR registers). 

17. As to claim 19 (original) (incorporating the rejection in claim 3), Robin 
discloses the method wherein a SLDT instruction in the guest operating system 
is replaced with a synthetic instruction (e.g., VMSLDT) that stores the current 
LDT selector to EAX (P. 19-20, Sec. 1 - SGDT, SIDT, and SLDT Instructions, 1 st 
Para. - 2 nd Para., the GDT and LDT contain segment descriptors that provide the 
base address, access rights, type, length, and usage information for each 
segment; the interrupt descriptor table (IDT) is similar to the GDT and LDT, but it 
holds gate descriptors that provide access to interrupt and exception handlers; 
All three of these instructions (SGDT, SLDT, SIDT) store a special register value 
into some location. The SGDT instruction stores the contents of GDTR in a 6- 
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byte memory location; the SLDT instruction stores the segment selector from the 
LDTR in a 16- or 32-bit general-purpose register or memory location; The SIDT 
instruction stores the contents of IDTR in a 6-byte memory location; these 
instructions are normally only used by operating systems but are not privileged in 
the Intel architecture. Since the Intel processor only has one LDTR, IDTR, and 
GDTR, a problem arises when multiple operating systems try to use the same 
registers. If an OS in a VM uses SGDT, SLDT, or SIDT to reference the contents 
of the IDTR, LDTR, or GDTR, the register contents that are applicable to the host 
OS or Type I VMM will be given. This could cause a problem if an operating 
system of a virtual machine (VMOS) tries to use these values for its own 
operations since they are what the VMOS expect. Therefore, a Type 1 VMM or 
Type II VMM must provide each VM with its own virtual set of IDTR, LDTR, and 
GDTR registers). 

18. As to claim 20 (original) (incorporating the rejection in claim 3), Robin 
discloses the method wherein a SIDT instruction in the guest operating system is 
replaced with a synthetic instruction (e.g., VMSIDT) that stores the current IDT 
base and length to EAX (P. 19-20, Sec. 1 - SGDT, SIDT, and SLDT Instructions, 
1 st Para. - 2 nd Para., the GDT and LDT contain segment descriptors that provide 
the base address, access rights, type, length, and usage information for each 
segment; the interrupt descriptor table (IDT) is similar to the GDT and LDT, but it 
holds gate descriptors that provide access to interrupt and exception handlers; 

■ 

All three of these instructions (SGDT, SLDT, SIDT) store a special register value 
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into some location. The SGDT instruction stores the contents of GDTR in a 6- 
byte memory location; the SLDT instruction stores the segment selector from the 
LDTR in a 16- or 32-bit general-purpose register or memory location; The SIDT 
instruction stores the contents of IDTR in a 6-byte memory location; these 
instructions are normally only used by operating systems but are not privileged in 
the Intel architecture. Since the Intel processor only has one LDTR, IDTR, and 
GDTR, a problem arises when multiple operating systems try to use the same 
registers. If an OS in a VM uses SGDT, SLDT, or SIDT to reference the contents 

■ 

of the IDTR, LDTR, or GDTR, the register contents that are applicable to the host 
OS or Type I VMM will be given. This could cause a problem if an operating 
system of a virtual machine (VMOS) tries to use these values for its own 
operations since they are what the VMOS expect. Therefore, a Type 1 VMM or 
Type II VMM must provide each VM with its own virtual set of IDTR, LDTR, and 
GDTR registers). 

19. As to claim 21 (original) (incorporating the rejection in claim 3), Robin 
discloses the method wherein a STR instruction in the guest operating system is 
replaced with a synthetic instruction (e.g., VMSTR) that stores the current TR 
selector to EAX (P. 26, Sec. 5 - STR Instruction, 1 st Para. - this instruction 
prevents virtualization because it allows a task to examine its requested privilege 
level (RPL). Every segment selector contains an index into the GDT or LDT, a 
table indicator, and an RPL. The RPL is represented by bit 0 and bit 1 of the 
segmient selectors. This is a problem because a VM does not execute at the 
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highest CPL or RPL (RPL = 0), but a RPL = 3.However, most operating systems 
assume that they are operating at the highest privilege level and that they can 
access any segment descriptor. Therefore, if a VM running at a CPL and RPL of 
3 uses the STR to store the contents of the task register and then examines the 
information, it will find that it is not running at the privilege level at which it 
expects to run). 

* 

20. As to claim 34 (original) (incorporating the rejection in claim 29), Robin 
discloses the system further comprising a subsystem for processing a synthetic 
instruction (e.g., VMSGDT) for storing the current GDT base and length to EAX 
(P. 19-20, Sec. 1 - SGDT, SIDT, and SLDT Instructions, 1 st Para. - 2 nd Para., the 
GDT and LDT contain segment descriptors that provide the base address, 
access rights, type, length, and usage information for each segment; the interrupt 
descriptor table (IDT) is similar to the GDT and LDT, but it holds gate descriptors 
that provide access to interrupt and exception handlers; All three of these 
instructions (SGDT, SLDT, SIDT) store a special register value into some 
location. The SGDT instruction stores the contents of GDTR in a 6-byte memory 
location; the SLDT instruction stores the segment selector from the LDTR in a 
16- or 32-bit general-purpose register or memory location; The SIDT instruction 
stores the contents of IDTR in a 6-byte memory location; these instructions are 
normally only used by operating systems but are not privileged in the Intel 
architecture. Since the Intel processor only has one LDTR, IDTR, and GDTR, a 
problem arises when multiple operating systems try to use the same registers. If 
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an OS in a VM uses SGDT, SLDT, or SIDT to reference the contents of the 
IDTR, LDTR, or GDTR, the register contents that are applicable to the host OS or 
Type I VMM will be given. This could cause a problem if an operating system of a 
virtual machine (VMOS) tries to use these values for its own operations since 
they are what the VMOS expect. Therefore, a Type 1 VMM or Type II VMM must 
provide each VM with its own virtual set of IDTR, LDTR, and GDTR registers). 

21 . As to claim 35 (original) (incorporating the rejection in claim 29), Robin 
discloses the system further comprising a subsystem for processing a synthetic 
instruction (e.g., VMSLDT) for storing the current LDT selector to EAX (P. 19-20, 

* 

Sec. 1 - SGDT, SIDT, and SLDT Instructions, 1 st Para. - 2 nd Para., the GDT and 
LDT contain segment descriptors that provide the base address, access rights, 
type, length, and usage information for each segment; the interrupt descriptor 
table (IDT) is similar to the GDT and LDT, but it holds gate descriptors that 
provide access to interrupt and exception handlers; All three of these instructions 
(SGDT, SLDT, SIDT) store a special register value into some location. The 
SGDT instruction stores the contents of GDTR in a 6-byte memory location; the 
SLDT instruction stores the segment selector from the LDTR in a 16- or 32-bit 
general-purpose register or memory location; The SIDT instruction stores the 
contents of IDTR in a 6-byte memory location; these instructions are normally 
only used by operating systems but are not privileged in the Intel architecture. 
Since the Intel processor only has one LDTR, IDTR, and GDTR, a problem 
arises when multiple operating systems try to use the same registers. If an OS in 
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a VM uses SGDT, SLDT, or SIDT to reference the contents of the IDTR, LDTR, 
or GDTR, the register contents that are applicable to the host OS or Type I VMM 
will be given. This could cause a problem if an operating system of a virtual 
machine (VMOS) tries to use these values for its own operations since they are 
what the VMOS expect. Therefore, a Type 1 VMM or Type II VMM must provide 
each VM with its own virtual set of IDTR, LDTR, and GDTR registers). 

22. As to claim 36 (original) (incorporating the rejection in claim 29), Robin 
discloses the system further comprising a subsystem for processing a synthetic 
instruction (e.g., VMSIDT) for storing the current IDT base and length to EAX (P. 
19-20, Sec. 1 - SGDT, SIDT, and SLDT Instructions, 1 st Para. - 2 nd Para., the 
GDT and LDT contain segment descriptors that provide the base address, 
access rights, type, length, and usage information for each segment; the interrupt 
descriptor table (IDT) is similar to the GDT and LDT, but it holds gate descriptors 
that provide access to interrupt and exception handlers; All three of these 
instructions (SGDT, SLDT, SIDT) store a special register value into some 
location. The SGDT instruction stores the contents of GDTR in a 6-byte memory 
location; the SLDT instruction stores the segment selector from the LDTR in a 
16- or 32-bit general-purpose register or memory location; The SIDT instruction 
stores the contents of IDTR in a 6-byte memory location; these instructions are 
normally only used by operating systems but are not privileged in the Intel 
architecture. Since the Intel processor only has one LDTR, IDTR, and GDTR, a 
problem arises when multiple operating systems try to use the same registers. If 
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an OS in a VM uses SGDT, SLDT, or S IDT to reference the contents of the 

* 

IDTR, LDTR, or GDTR, the register contents that are applicable to the host OS or 
Type I VMM will be given. This could cause a problem if an operating system of a 
virtual machine (VMOS) tries to use these values for its own operations since 
they are what the VMOS expect. Therefore, a Type 1 VMM or Type II VMM must 
provide each VM with its own virtual set of IDTR, LDTR, and GDTR registers). 

23. As to claim 37 (original) (incorporating the rejection in claim 29), Robin 
discloses the system further comprising a subsystem for processing a synthetic 
instruction (e.g., VMSTR) for storing the current TR selector to EAX (P. 26, Sec. 
5 - STR Instruction, 1 st Para. - this instruction prevents virtualization because it 
allows a task to examine its requested privilege level (RPL). Every segment 
selector contains an index into the GDT or LDT, a table indicator, and an RPL. 
The RPL is represented by bit 0 and bit 1 of the segment selectors. This is a 
problem because a VM does not execute at the highest CPL or RPL (RPL = 0), 
but a RPL = 3. However, most operating systems assume that they are operating 
at the highest privilege level and that they can access any segment descriptor. 
Therefore, if a VM running at a CPL and RPL of 3 uses the STR to store the 
contents of the task register and then examines the information, it will find that it 
is not running at the privilege level at which it expects to run). 

■ 

24. As to claim 57 (currently amended) (incorporating the rejection in claim 
52), Robin discloses the computer-readable instructions further comprising a 
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synthetic instruction (e.g., VMSGDT) that stores the current GDT base and 
length to EAX (P. 19-20, Sec. 1 - SGDT, SIDT, and SLDT Instructions, 1 st Para. 
- 2 nd Para., the GDT and LDT contain segment descriptors that provide the base 
address, access rights, type, length, and usage information for each segment; 
the interrupt descriptor table (IDT) is similar to the GDT and LDT, but it holds 
gate descriptors that provide access to interrupt and exception handlers; All three 
of these instructions (SGDT, SLDT, SIDT) store a special register value into 
some location. The SGDT instruction stores the contents of GDTR in a 6-byte 
memory location; the SLDT instruction stores the segment selector from the 
LDTR in a 16- or 32-bit general-purpose register or memory location; The SIDT 
instruction stores the contents of IDTR in a 6-byte memory location; these 
instructions are normally only used by operating systems but are not privileged in 
the Intel architecture. Since the Intel processor only has one LDTR, IDTR, and 
GDTR, a problem arises when multiple operating systems try to use the same 
registers. If an OS in a VM uses SGDT, SLDT, or SIDT to reference the contents 

■ 

of the IDTR, LDTR, or GDTR, the register contents that are applicable to the host 
OS or Type I VMM will be given. This could cause a problem if an operating 
system of a virtual machine (VMOS) tries to use these values for its own 
operations since they are what the VMOS expect. Therefore, a Type 1 VMM or 
Type II VMM must provide each VM with its own virtual set of IDTR, LDTR, and 
GDTR registers). 
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25. As to claim 58 (currently amended) (incorporating the rejection in claim 
52), Robin discloses the computer-readable instructions further comprising a 
synthetic instruction (e.g., VMSLDT) that stores the current LDT selector to EAX 
(P. 19-20, Sec. 1 - SGDT, SIDT, and SLDT Instructions, 1 st Para. - 2 nd Para., the 
GDT and LDT contain segment descriptors that provide the base address, 
access rights, type, length, and usage information for each segment; the interrupt 

■ 

descriptor table (IDT) is similar to the GDT and LDT, but it holds gate descriptors 
that provide access to interrupt and exception handlers; All three of these 
instructions (SGDT, SLDT, SIDT) store a special register value into some 
location. The SGDT instruction stores the contents of GDTR in a 6-byte memory 
location; the SLDT instruction stores the segment selector from the LDTR in a 
16- or 32-bit general-purpose register or memory location; The SIDT instruction 
stores the contents of IDTR in a 6-byte memory location; these instructions are 
normally only used by operating systems but are not privileged in the Intel 
architecture. Since the Intel processor only has one LDTR, IDTR, and GDTR, a 
problem arises when multiple operating systems try to use the same registers. If 
an OS in a VM uses SGDT, SLDT, or SIDT to reference the contents of the 
IDTR, LDTR, or GDTR, the register contents that are applicable to the host OS or 
Type I VMM will be given. This could cause a problem if an operating system of a 
virtual machine (VMOS) tries to use these values for its own operations since 
they are what the VMOS expect. Therefore, a Type 1 VMM or Type II VMM must 
provide each VM with its own virtual set of IDTR, LDTR, and GDTR registers). 
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26. As to claim 59 (currently amended) (incorporating the rejection in claim 
52), Robin discloses the computer-readable instructions further comprising a 
synthetic instruction (e.g., VMSIDT) that stores the current IDT base and length 
to EAX (P. 19-20, Sec. 1 - SGDT, SIDT, and SLDT Instructions, 1 st Para. - 2 nd 
Para., the GDT and LDT contain segment descriptors that provide the base 
address, access rights, type, length, and usage information for each segment; 
the interrupt descriptor table (IDT) is similar to the GDT and LDT, but it holds 
gate descriptors that provide access to interrupt and exception handlers; All three 
of these instructions (SGDT, SLDT, SIDT) store a special register value into 
some location. The SGDT instruction stores the contents of GDTR in a 6-byte 
memory location; the SLDT instruction stores the segment selector from the 
LDTR in a 16- or 32-bit general-purpose register or memory location; The SIDT 
instruction stores the contents of IDTR in a 6-byte memory location; these 
instructions are normally only used by operating systems but are not privileged in 
the Intel architecture. Since the Intel processor only has one LDTR, IDTR, and 
GDTR, a problem arises when multiple operating systems try to use the same 
registers. If an OS in a VM uses SGDT, SLDT, or SIDT to reference the contents 
of the IDTR, LDTR, or GDTR, the register contents that are applicable to the host 

OS or Type I VMM will be given. This could cause a problem if an operating 

» 

system of a virtual machine (VMOS) tries to use these values for its own 
operations since they are what the VMOS expect. Therefore, a Type 1 VMM or 
Type II VMM must provide each VM with its own virtual set of IDTR, LDTR, and 
GDTR registers). 
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27. As to claim 60 (currently amended) (incorporating the rejection in claim 
52), Robin discloses the computer-readable instructions further comprising a 
synthetic instruction (e.g., VMSTR) that stores the current TR selector to EAX (P. 
26, Sec. 5 - STR Instruction, 1 st Para. - this instruction prevents virtualization 
because it allows a task to examine its requested privilege level (RPL). Every 
segment selector contains an index into the GDT or LDT, a table indicator, and 
an RPL. The RPL is represented by bit 0 and bit 1 of the segment selectors. This 
is a problem because a VM does not execute at the highest CPL or RPL (RPL = 
0), but a RPL = 3. However, most operating systems assume that they are 
operating at the highest privilege level and that they can access any segment 
descriptor. Therefore, if a VM running at a CPL and RPL of 3 uses the STR to 
store the contents of the task register and then examines the information, it will 
find that it is not running at the privilege level at which it expects to run). 

28. Claim 28 is rejected under 35 U.S.C. 102(b) as being anticipated by 
Virtual 8080 Mode (Intel 80386 Programmer's Reference 1986, pp. 1-18, 1986, 
Intel 80386 Programmer's Reference) (hereinafter V86') 

29. As to claim 28 (original), V86 discloses a method for improving operating 
system code for efficient patching of trappable instructions using a long JMP 
instruction, said method comprising the step of, in the guest operating system, 

» 

locating instances of trappable instructions that are less than five bytes long 
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(e.g., STI and CLI instructions that run within ring-0 code) and replace these 
trappable instructions with corresponding synthetic instructions that are at least 
five bytes long (e.g., VMSTI and VMCLI respectively) (PP. 10-11, "Additional 
Sensitive Instructions", CLI - Clear Interrupt-Enable Flag; STI - Set Interrupt- 
Enable Flag; PP. 11-12, "Virtualizing the Interrupt-Enable Flag", 1 st Par. - 2 nd 
Par.) 

Claim Rejections - 35 USC § 102(a) 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102(a) 
that form the basis for the rejections under this section made in this office action: 

A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed 
publication in this or a foreign country, before the invention thereof by the applicant for a patent. 

30. Claim 25 is rejected under 35 U.S.C. 102(a) as being anticipated by K. P. 
Lawton (Bochs x86 Emulator - monitor-hostc, pp. 1-42, bochs.sourceforge.net) 
(hereinafter 'Lawton'). 

31 . As to claim 25 (original), Lawton discloses a method for an operating 
system to determine whether it is running on a virtualized processor or running 

* 

directly on an x86 processor, said method comprising: executing a synthetic 
instruction (e.g., VMCPUID) for returning a value representing an identity for the 
central processing unit; if a value is returned, then concluding that the operating 
system is running on.a virtualized processor/and thereafter utilize synthetic 
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instructions; and if an exception occurs, then concluding that the operating 
system is running directly on an x86 processor, and thereafter refrain from 
utilizing synthetic instructions (P. 2, Lines 45-47 - information of the host 
processor as returned by the CUPID; P. 17, Lines 729-740 - set the guest 
CUPID info.; P. 19, Lines 832-835 - a pointer to the guest CPU state as passed 
from host-user space; P. 22, Lines 968-988 - CPUID emulation vs. virtualization 
match; P. 26, Lines 1 168-1 176 - a pointer to the guest CPU state saved on the 
monitor stack; P. 28, Lines 1246-1259; P. 35, Lines 1571-1572) 

Claim Rejections - 35 USC § 103(a) 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been obvious at 
the time the invention was made to a person having ordinary skill in the art to which said subject 
matter pertains. Patentability shall not be negatived by the manner in which the invention was 
made. 

32. Claim 26 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Lawton in view of Robin. 

33. As to claim 26 (original) (incorporating the rejection in claim 25), Lawton 
does not explicitly disclose the method further comprising, if a value is returned, 
then accessing or modifying features or behaviors of the underlying virtual 
machine monitor. 
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However, in an analogous art of Analyzing the INTEL Pentium's Capability 
to Support a Secure Virtual Machine Monitor, Robin discloses the method further 
comprising, if a value is returned, then accessing or modifying features or 
behaviors of the underlying virtual machine monitor (i.e. P. 5, Sec. 3 - Logical 
VMM Modules - A VMM normally has three generic types of modules: 
dispatcher, allocator, and interpreter; A jump to the dispatcher is placed in every 
location to which the machine traps. The dispatcher then decides which of its 
modules to call when the machine traps; For example, if a VM tries to execute a 
privileged instruction that would change the resources of the VM's environment, 
the VM will trap to the VMM dispatcher. The dispatcher will handle the trap by 
invoking the allocator that performs the requested resource allocation according 

* 

to VMM policy. The final module type is an interpreter. Each privileged instruction 
will have an interpreter module that is called by the dispatcher to simulate the 
effect of the instruction that caused the trap). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Robin into the 
Lawton's system to further provide the method further comprising, if a value is 
returned, then accessing or modifying features or behaviors of the underlying 
virtual machine monitor in Lawton system. 

The motivation is that it would further enhance the Lawton's system by 
taking, advancing and/or incorporating Robin's system which offers significant 
advantages that if a secure VMM could be built for the Intel Pentium™ 
architecture, it would be very attractive because a single machine could be used 
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to implement multi-level security and also run commercial-off-the-shelf operating 
systems and applications as once suggested by Robin (P. 1 st Par.). 

34. Claims 5, 7-8, 17, and 33 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Robin in view of Devine et al., (Pat. No. US 6,397,242 B1) 
(hereinafter 'Devine') 

35. As to claim 5 (original) (incorporating the rejection in claim 3), Robin 
does not disclose the method wherein said synthetic instruction is usable in both 
a user mode and a privileged mode. 

However, in an analogous art of Virtualization System Including a virtual 
machine monitor for a computer with a segmented architecture, Devine discloses 
the method wherein said synthetic instruction is usable in both a user mode and 
a privileged mode (Col. 1, Line 64 through Col. 2, Line 4; Col. 4, Lines 44-54; 
Col. 5, Lines 31-41 ; Col. 6, Line 52 through Col. 7, Line 5; Col. 3, Lines 38-45; 
Col. 18, Lines 10-14). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 

* 

the time the invention was made to combine the teachings of Devine into the 
Robin's system to further provide the method wherein said synthetic instruction is 
usable in both a user mode and a privileged mode in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating Devine's system which offers significant 
advantages of a VMM that is able to function with both the speed of a direct- 
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execution system and the flexibility of a binary-translation system; the VMM 
should also have an efficient switch between the two execution modes as once 
suggested by Devine (e.g., Col. 4, Line 44 through Col. 5, Line 9). 

36. As to claim 7 (original) (incorporating the rejection in claim 3) and claim 
44 (original) (incorporating the rejection in claim 41), Robin does not disclose the 
method wherein said synthetic instruction is an instruction for disabling direct 
execution (e.g., VMDXDSBL). 

However, in an analogous art of Virtualization System Including a virtual 
machine monitor for a computer with a segmented architecture, Devine discloses 
the method wherein said synthetic instruction is an instruction for disabling direct 
execution (e.g., VMDXDSBL) (Abstract, Lines 7-14 - a direct execution sub- 
system, as well as a sub-system that determines if VM instructions must be 
executed using binary translation, or if they can be executed using direct 
execution Shadow descriptor tables in the VMM; Fig. 1 , elements of "Direct 
Execution", "Execution Mode Decision"; Col. 2, Lines 59-67 - it allowed virtual 
machine monitors to use a technique know as "direct execution" which simplifies 
the implementation of the monitor and improves performance; Col. 4, Lines 44- 
63; Col. 5, Lines 5-9 - what is needed is therefore a VMM that is able to function 
with both the speed of a direct-execution system and the flexibility of a binary- 
translation system; Col. 5, Lines 20-30; Col. 7, Lines 13-17; Col. 8, Lines 26-34; 
Fig. 7; Col. 7, Lines 51-57; Fig. 2; Col. 10, Line 16 through Col. 11, Line 27). 
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Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Devine into the 
Robin's system to further provide the method wherein said synthetic instruction is 
an instruction for disabling direct execution (e.g., VMDXDSBL) in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating Devine's system which offers significant 
advantages of a VMM that is able to function with both the speed of a direct- 
execution system and the flexibility of a binary-translation system; the VMM 
should also have an efficient switch between the two execution modes as once 
suggested by Devine (e.g., Col. 4, Line 44 through Col. 5, Line 9). 

37. As to claim 8 (original) (incorporating the rejection in claim 3) and claim 
45 (original) (incorporating the rejection in claim 29), Robin does not disclose the 
method wherein said synthetic instruction is an instruction for enabling (or re- 
enabling) direct execution (e.g., VMDXENBL). 

However, in an analogous art of Virtualization System Including a virtual 
machine monitor for a computer with a segmented architecture, Devine discloses 
the method wherein said synthetic instruction is an instruction for enabling (or re- 
enabling) direct execution (e.g., VMDXENBL) (Abstract, Lines 7-14 - a direct 
execution sub-system, as well as a sub-system that determines if VM instructions 
must be executed using binary translation, or if they can be executed using direct 
execution Shadow descriptor tables in the VMM; Fig. 1 , elements of "Direct 
Execution", "Execution Mode Decision"; Col. 2, Lines 59-67 - it allowed virtual 
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machine monitors to use a technique know as "direct execution" which simplifies 
the implementation of the monitor and improves performance; Col. 4, Lines 44- 
63; Col. 5, Lines 5-9 - what is needed is therefore a VMM that is able to function 
with both the speed of a direct-execution system and the flexibility of a binary- 
translation system; Col. 5, Lines 20-30; Col. 7, Lines 13-17; Col. 8, Lines 26-34; 
Fig. 7; Col. 7, Lines 51-57; Fig. 2; Col. 10, Line 16 through Col. 11, Line 27). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Devine into the 
Robin's system to further provide the method wherein said synthetic instruction is 
an instruction for enabling (or re-enabling) direct execution (e.g., VMDXENBL) in 
Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating Devine's system which offers significant 
advantages of a VMM that is able to function with both the speed of a direct- 
execution system and the flexibility of a binary-translation system; the VMM 
should also have an efficient switch between the two execution modes as once 
suggested by Devine (e.g., Col. 4, Line 44 through Col. 5, Line 9). 

38. As to claim 17 (original) (incorporating the rejection in claim 3), Robin 
does not disclose the method wherein an instruction that modifies a descriptor 
table entry in the guest operating system is replaced with a synthetic instruction 
(e.g., VMWRDESC) that updates the descriptor table entry, avoiding overheads 
associated with maintaining shadow descriptor tables. 
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However, in an analogous art of Virtualization System Including a virtual 
machine monitor for a computer with a segmented architecture, Devine discloses 
the method wherein an instruction that modifies a descriptor table entry in the 
guest operating system is replaced with a synthetic instruction (e.g., 
VMWRDESC) that updates the descriptor table entry, avoiding overheads 
associated with maintaining shadow descriptor tables (Abstract, Lines 7-14 - a 
direct execution sub-system, as well as a sub-system that determines if VM 
instructions must be executed using binary translation, or if they can be executed 
using direct execution shadow descriptor tables in the VMM, corresponding to 
VM descriptor tables...; Col. 5,Lines 46-59 - the VMM includes VMM descriptor 
tables, including shadow descriptors, that correspond to predetermined ones of 
the VM descriptions tables; Col. 6, Lines 3-6 - the VMM thereby also uses binary 
translation using this cached entry until the processor segment is subsequently 
loaded with a VMM descriptor that is a shadow descriptor; Col. 5, Lines 46-59 - 
the VMM also includes a segment tracking sub-system/module that compares 
the shadow descriptors with their corresponding VM segment descriptors, and 
....; Col. 7, Lines 23-27 - the segment tracking sub-system then includes means 
for indicating to the VMM, on selected ones of the plurality of hardware 
processors, any lack of correspondence between the shadow descriptor tables 
and their corresponding VM descriptor tables; Fig. 6 - illustrating shadow 
descriptor tables used in the VMM according to the invention; Col. 14, Lines 65- 
67 - the manner in which the invention overcomes this problem is through the 
use of shadow descriptor tables; Col. 1 6, Lines 33-63 - the virtual machine may 
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set its GDT to the maximal size supported by the hardware, or to a size that 
exceeds the space reserved by the VMM for GDT shadow descriptors; Col. 17, 
Lines 39-60; Col. 18, Lines 54-57 - with direct execution, the virtual machine 
directly assigns segment registers; however, rather than using the virtual 
machine's tables, the hardware looks at the VMM's shadow tables; Col. 25, Lines 
9-13 - for each virtual processor, the VMM will then maintain a separate set of 
global and local shadow descriptor entries; Col. 26, Lines 3-1 1 , 18-27, 41-47). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Devine into the 
Robin's system to further provide the method wherein an instruction that modifies 
a descriptor table entry in the guest operating system is replaced with a synthetic 
instruction (e.g., VMWRDESC) that updates the descriptor table entry, avoiding 

* 

overheads associated with maintaining shadow descriptor tables in Robin 
system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating Devine's system which offers significant 
advantages of a VMM that is able to function with both the speed of a direct- 
execution system and the flexibility of a binary-translation system; the VMM 
should also have an efficient switch between the two execution modes as once 
suggested by Devine (e.g., Col. 4, Line 44 through Col. 5, Line 9). 

39. As to claim 33 (original) (incorporating the rejection in claim 29), Robin 
does not disclose the system further comprising a subsystem for processing a 
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synthetic instruction (e.g., VMWRDESC) that updates the descriptor table entry, 
avoiding overheads associated with maintaining shadow descriptor tables. 

However, in an analogous art of Virtualization System Including a virtual 
machine monitor for a computer with a segmented architecture, Devine disclose 
the system further comprising a subsystem for processing a synthetic instruction 
(e.g., VMWRDESC) that updates the descriptor table entry, avoiding overheads 
associated with maintaining shadow descriptor tables (Abstract, Lines 7-14 - a 
direct execution sub-system, as well as a sub-system that determines if VM 
instructions must be executed using binary translation, or if they can be executed 

■ 

using direct execution shadow descriptor tables in the VMM, corresponding to 
VM descriptor tables...; Col. 5,Lines 46-59 - the VMM includes VMM descriptor 
tables, including shadow descriptors, that correspond to predetermined ones of 
the VM descriptions tables; Col. 6, Lines 3-6 - the VMM thereby also uses binary 
translation using this cached entry until the processor segment is subsequently 
loaded with a VMM descriptor that is a shadow descriptor; Col. 5, Lines 46-59 - 
the VMM also includes a segment tracking sub-system/module that compares 
the shadow descriptors with their corresponding VM segment descriptors, and 
....; Col. 7, Lines 23-27 - the segment tracking sub-system then includes means 
for indicating to the VMM, on selected ones of the plurality of hardware 
processors, any lack of correspondence between the shadow descriptor tables 
and their corresponding VM descriptor tables; Fig. 6 - illustrating shadow 

* 

descriptor tables used in the VMM according to the invention; Col. 14, Lines 65- 
67 - the manner in which the invention overcomes this problem is through the 
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use of shadow descriptor tables; Col. 16, Lines 33-63 - the virtual machine may 
set its GDT to the maximal size supported by the hardware, or to a size that 
exceeds the space reserved by the VMM for GDT shadow descriptors; Col. 17, 
Lines 39-60; Col. 18, Lines 54-57 - with direct execution, the virtual machine 
directly assigns segment registers; however, rather than using the virtual 
machine's tables, the hardware looks at the VMM's shadow tables; Col. 25, Lines 
9-13 - for each virtual processor, the VMM will then maintain a separate set of 
global and local shadow descriptor entries; Col. 26, Lines 3-1 1 , 18-27, 41-47). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Devine into the 
Robin's system to further provide the system further comprising a subsystem for 
processing a synthetic instruction (e.g., VMWRDESC) that updates the descriptor 
table entry, avoiding overheads associated with maintaining shadow descriptor 
tables in Robin system. 

The motivation is that it would further enhance the Robin's system by 

> 

taking, advancing and/or incorporating Devine's system which offers significant 
advantages of a VMM that is able to function with both the speed of a direct- 
execution system and the flexibility of a binary-translation system; the VMM 

■ 

should also have an efficient switch between the two execution modes as once 
suggested by Devine (e.g., Col. 4, Line 44 through Col. 5, Line 9). 

40. Claims 15-16, 22-23, 31-32, 38-39, 46-48, 55-56, and 61-62 are rejected 
under 35 U.S.C. 103(a) as being unpatentable over Robin in view of V86. 
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41 . As to claim 15 (original) (incorporating the rejection in claim 3), Robin 

* 

does not disclose the method wherein a PUSHF(D) instruction in the guest 
operating system is replaced with a synthetic instruction (e.g., VMPUSHFD) that 
pushes IF onto a stack. 

However, in an analogous art of Virtual 8088 Mode, V86 discloses the 
method wherein a PUSHF(D) instruction in the guest operating system is 
replaced with a synthetic instruction (e.g., VMPUSHFD) that pushes IF onto a 
stack (PP. 10-11, "Additional Sensitive Instructions", PUSHF - Push Flags, Sec. 
15.4.2 "Virtualizing the Interrupt-Enable Flag", 1 st Par.). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of V86 into the 
Robin's system to further provide the method wherein a PUSHF(D) instruction in 
the guest operating system is replaced with a synthetic instruction (e.g., 
VMPUSHFD) that pushes IF onto a stack in Robin system. 

The motivation is that it would further enhance the Robin's system by 

♦ 

taking, advancing and/or incorporating V86's system which offers significant 
advantages for forming a "virtual machine" with which to execute an 8086 

■ • 

program; a complete virtual machine consists not only of 80386 hardware but 
also of systems software; thus, the emulation of an 8086 is the result of 
cooperation between hardware and software as once suggested by V86 (P. 1, 1 st 
Par.). 
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42. As to claim 16 (original) (incorporating the rejection in claim 3), Robin 
does not disclose the method wherein a POPF(D) instruction in the guest 
operating system is replaced with a synthetic instruction (e.g., VMPOPFD) that 
pops IF off of a stack. 

However, in an analogous art of Virtual 8088 Mode, V86 discloses the 
method wherein a POPF(D) instruction in the guest operating system is replaced 
with a synthetic instruction (e.g., VMPOPFD) that pops IF off of a stack (PP. 10- 
11, "Additional Sensitive Instructions", POPF- Pop Flags; Sec. 15.4.2 
"Virtualizing the Interrupt-Enable Flag", 1 st Par.). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of V86 into the 
Robin's system to further provide the method wherein a POPF(D) instruction in 
the guest operating system is replaced with a synthetic instruction (e.g., 
VMPOPFD) that pops IF off of a stack in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating V86's system which offers significant 
advantages for forming a "virtual machine" with which to execute an 8086 
program; a complete virtual machine consists not only of 80386 hardware but 
also of systems software; thus, the emulation of an 8086 is the result of 
cooperation between hardware and software as once suggested by V86 (P. 1, 1 st 
Par.). 
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43. As to claim 22 (original) (incorporating the rejection in claim 3), Robin 
does not disclose the method wherein a CLI instruction in the guest operating 
system is replaced with a synthetic instruction (e.g., VMCLI) that clears a 
virtualized IF. 

However, in an analogous art of Virtual 8088 Mode, V86 discloses the 
method wherein a CLI instruction in the guest operating system is replaced with a 
synthetic instruction (e.g., VMCLI) that clears a virtualized IF (PP. 10-11, 
"Additional Sensitive Instructions", CLI - Clear Interrupt-Enable Flag; STI - Set 
Interrupt-Enable Flag; PP. 11-12, "Virtualizing the Interrupt-Enable Flag", 1 st Par. 
- 2 nd Par.). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of V86 into the 
Robin's system to further provide the method wherein a CLI instruction in the 
guest operating system is replaced with a synthetic instruction (e.g., VMCLI) that 
clears a virtualized IF in Robin system. 

■ 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating V86's system which offers significant 
advantages for forming a "virtual machine" with which to execute an 8086 
program; a complete virtual machine consists not only of 80386 hardware but 
also of systems software; thus, the emulation of an 8086 is the result of 
cooperation between hardware and software as once suggested by V86 (P. 1 , 1 st 
Par.). 
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44. As to claim 23 (original) (incorporating the rejection in claim 3), Robin 
does not disclose the method wherein a STI instruction in the guest operating 
system is replaced with a synthetic instruction (e.g., VMSTI) that sets a 
virtualized IF. 

However, in an analogous art of Virtual 8088 Mode, V86 discloses the 
method wherein a STI instruction in the guest operating system is replaced with a 
synthetic instruction (e.g., VMSTI) that sets a virtualized IF (PP. 10-11, 
"Additional Sensitive Instructions", CLI - Clear Interrupt-Enable Flag; STI - Set 
Interrupt-Enable Flag; PP. 11-12, "Virtualizing the Interrupt-Enable Flag", 1 st Par. 
- 2 nd Par.). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of V86 into the 
Robin's system to further provide the method wherein a STI instruction in the 
guest operating system is replaced with a synthetic instruction (e.g., VMSTI) that 
sets a virtualized IF in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating V86's system which offers significant 
advantages for forming a "virtual machine" with which to execute an 8086 
program; a complete virtual machine consists not only of 80386 hardware but 
also of systems software; thus, the emulation of an 8086 is the result of 
cooperation between hardware and software as once suggested by V86 (P. 1, 1 st 
Par.). 
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45. As to claim 31 (original) (incorporating the rejection in claim 29), Robin 
does not disclose the system further comprising a subsystem for processing a 
synthetic instruction (e.g., VMPUSHFD) for pushing an IF onto a stack. 

However, in an analogous art of Virtual 8088 Mode, V86 discloses the 
system further comprising a subsystem for processing a synthetic instruction 
(e.g., VMPUSHFD) for pushing an IF onto a stack (PP. 10-11, "Additional 
Sensitive Instructions", PUSHF - Push Flags, Sec. 15.4.2 "Virtualizing the 
Interrupt-Enable Flag", 1 st Par.). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of V86 into the 
Robin's system to further provide the system further comprising a subsystem for 
processing a synthetic instruction (e.g., VMPUSHFD) for pushing an IF onto a 
stack in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating V86's system which offers significant 
advantages for forming a "virtual machine" with which to execute an 8086 
program; a complete virtual machine consists not only of 80386 hardware but 
also of systems software; thus, the emulation of an 8086 is the result of 
cooperation between hardware and software as once suggested by V86 (P. 1 , 1 st 
Par.). 
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46. As to claim 32 (original) (incorporating the rejection in claim 29), Robin 
does not disclose the system further comprising a subsystem for processing a 
synthetic instruction (e.g., VMPOPFD) for popping an IF off of a stack. 

However, in an analogous art of Virtual 8088 Mode, V86 discloses the 
system further comprising a subsystem for processing a synthetic instruction 

* 

(e.g., VMPOPFD) for popping an IF off of a stack (PP. 10-11, "Additional 
Sensitive Instructions", POPF- Pop Flags; Sec. 15.4.2 "Virtualizing the Interrupt- 
Enable Flag", 1 st Par.). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of V86 into the 
Robin's system to further provide the system further comprising a subsystem for 
processing a synthetic instruction (e.g., VMPOPFD) for popping an IF off of a 
stack in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating V86's system which offers significant 
advantages for forming a "virtual machine" with which to execute an 8086 
program; a complete virtual machine consists not only of 80386 hardware but 
also of systems software; thus, the emulation of an 8086 is the result of 
cooperation between hardware and software as once suggested by V86 (P. 1 , 1 st 
Par.). 
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47. As to claim 38 (original) (incorporating the rejection in claim 29), Robin 
does not disclose the system further comprising a subsystem for processing a 
synthetic instruction (e.g., VMCLI) for clearing a virtualized IF. 

However, in an analogous art of Virtual 8088 Mode, V86 discloses the 
system further comprising a subsystem for processing a synthetic instruction 
(e.g., VMCLI) for clearing a virtualized IF (PP. 10-11, "Additional Sensitive 
Instructions", CLI - Clear Interrupt-Enable Flag; STI - Set Interrupt-Enable Flag; 
PP. 11-12, "Virtualizing the Interrupt-Enable Flag", 1 st Par. - 2 nd Par.). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of V86 into the 
Robin's system to further provide the system further comprising a subsystem for 
processing a synthetic instruction (e.g., VMCLI) for clearing a virtualized IF in 
Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating V86's system which offers significant 
advantages for forming a "virtual machine" with which to execute an 8086 
program; a complete virtual machine consists not only of 80386 hardware but 
also of systems software; thus, the emulation of an 8086 is the result of 
cooperation between hardware and software as once suggested by V86 (P. 1, 1 st 
Par.). 
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48. As to claim 39 (original) (incorporating the rejection in claim 29), Robin 
does not disclose the system further comprising a subsystem for processing a 
synthetic instruction (e.g., VMSTI) for setting a virtualized IF. 

However, in an analogous art of Virtual 8088 Mode, V86 discloses the 
system further comprising a subsystem for processing a synthetic instruction 
(e.g., VMSTI) for setting a virtualized IF (PP. 10-11, "Additional Sensitive 
Instructions", CLI - Clear Interrupt-Enable Flag; STI - Set Interrupt-Enable Flag; 
PP. 11-12, "Virtualizing the Interrupt-Enable Flag", 1 st Par. - 2 nd Par.). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of V86 into the 
Robin's system to further provide the system further comprising a subsystem for 
processing a synthetic instruction (e.g., VMSTI) for setting a virtualized IF in 
Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating V86's system which offers significant 
advantages for forming a "virtual machine" with which to execute an 8086 
program; a complete virtual machine consists not only of 80386 hardware but 
also of systems software; thus, the emulation of an 8086 is the result of 
cooperation between hardware and software as once suggested by V86 (P. 1, 1 st 
Par.). 

49. As to claim 46 (original) (incorporating the rejection in claim 29), Robin 
does not disclose the system wherein said synthetic instructions comprise: a 
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synthetic instruction (e.g., VMPUSHFD) for pushing an IF onto a stack; and a 
synthetic instruction (e.g., VMPOPFD) for popping an IF off of a stack. 

However, in an analogous art of Virtual 8088 Mode, V86 discloses the 
system wherein said synthetic instructions comprise: a synthetic instruction (e.g., 
VMPUSHFD) for pushing an IF onto a stack; and a synthetic instruction (e.g., 
VMPOPFD) for popping an IF off of a stack (PP. 10-11, "Additional Sensitive 
Instructions", PUSHF - Push Flags, POPF - Pop Flags; Sec. 15.4.2 "Virtualizing 
the Interrupt-Enable Flag", 1 st Par.). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 

* 

the time the invention was made to combine the teachings of V86 into the 
Robin's system to further provide the system wherein said synthetic instructions 
comprise: a synthetic instruction (e.g., VMPUSHFD) for pushing an IF onto a 
stack; and a synthetic instruction (e.g., VMPOPFD) for popping an IF off of a 
stack in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating V86's system which offers significant 
advantages for forming a "virtual machine" with which to execute an 8086 
program; a complete virtual machine consists not only of 80386 hardware but 
also of systems software; thus, the emulation of an 8086 is the result of 
cooperation between hardware and software as once suggested by V86 (P. 1, 1 st 
Par.). 
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50. As to claim 47 (original) (incorporating the rejection in claim 46), Robin 
discloses the system wherein said synthetic instructions further comprise: a 
synthetic instruction (e.g., VMSGDT) for storing the current GDT base and length 
to a synthetic instruction (e.g., VMSLDT) for storing the current LDT selector to 
EAX; a synthetic instruction (e.g., VMSIDT) for storing the current IDT base and 
length to EAX (P. 19-20, Sec. 1 - SGDT, SIDT, and SLDT Instructions, 1 st Para. 
- 2 nd Para., the GDT and LDT contain segment descriptors that provide the base 
address, access rights, type, length, and usage information for each segment; 
the interrupt descriptor table (IDT) is similar to the GDT and LDT, but it holds 
gate descriptors that provide access to interrupt and exception handlers; All three 
of these instructions (SGDT, SLDT, SIDT) store a special register value into 
some location. The SGDT instruction stores the contents of GDTR in a 6-byte 
memory location; the SLDT instruction stores the segment selector from the 
LDTR in a 16- or 32-bit general-purpose register or memory location; The SIDT 
instruction stores the contents of IDTR in a 6-byte memory location; these 
instructions are normally only used by operating systems but are not privileged in 
the Intel architecture. Since the Intel processor only has one LDTR, IDTR, and 
GDTR, a problem arises when multiple operating systems try to use the same 
registers. If an OS in a VM uses SGDT, SLDT, or SIDT to reference the contents 
of the IDTR, LDTR, or GDTR, the register contents that are applicable to the host 
OS or Type I VMM will be given. This could cause a problem if an operating 
system of a virtual machine (VMOS) tries to use these values for its own 
operations since they are what the VMOS expect. Therefore, a Type 1 VMM or 
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Type II VMM must provide each VM with its own virtual set of IDTR, LDTR, and 
GDTR registers); and a synthetic instruction (e.g., VMSTR) for storing the current 

i 

TR selector to EAX (P. 26, Sec. 5 - STR Instruction, 1 st Para. - this instruction 
prevents virtualization because it allows a task to examine its requested privilege 
level (RPL). Every segment selector contains an index into the GDT or LDT, a 
table indicator, and an RPL. The RPL is represented by bit 0 and bit 1 of the 
segment selectors. This is a problem because a VM does not execute at the 
highest CPL or RPL (RPL = 0), but a RPL = 3.However, most operating systems 
assume that they are operating at the highest privilege level and that they can 
access any segment descriptor. Therefore, if a VM running at a CPL and RPL of 
3 uses the STR to store the contents of the task register and then examines the 
information, it will find that it is not running at the privilege level at which it 
expects to run). 

51 . As to claim 48 (original) (incorporating the rejection in claim 46), Robin 
does not disclose the system wherein said synthetic instructions further 
comprise: a synthetic instruction (e.g., VMCLI) for clearing a virtualized IF; and a 
synthetic instruction (e.g., VMSTI) for setting a virtualized IF. 

However, in an analogous art of Virtual 8088 Mode, V86 discloses the 
system wherein said synthetic instructions further comprise: a synthetic 
instruction (e.g., VMCLI) for clearing a virtualized IF; and a synthetic instruction 
(e.g., VMSTI) for setting a virtualized IF (PP. 10-11, "Additional Sensitive 
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Instructions", CLI - Clear Interrupt-Enable Flag; STI - Set Interrupt-Enable Flag; 
PP. 11-12, "Virtualizing the Interrupt-Enable Flag", 1 st Par. - 2 nd Par.). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of V86 into the 
Robin's system to further provide the system wherein said synthetic instructions 
further comprise: a synthetic instruction (e.g., VMCLI) for clearing a virtualized IF; 
and a synthetic instruction (e.g., VMSTI) for setting a virtualized IF in Robin 
system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating V86's system which offers significant 
advantages for forming a "virtual machine" with which to execute an 8086 
program; a complete virtual machine consists not only of 80386 hardware but 
also of systems software; thus, the emulation of an 8086 is the result of 
cooperation between hardware and software as once suggested by V86 (P. 1, 1 st 
Par.). 

52. As to claim 55 (currently amended) (incorporating the rejection in claim 
52), Robin does not disclose the computer-readable instructions further 
comprising a synthetic instruction (e.g., VMPUSHFD) that pushes IF onto a 
stack. 

However, in an analogous art of Virtual 8088 Mode, V86 discloses the 
computer-readable instructions further comprising a synthetic instruction (e.g., 
VMPUSHFD) that pushes IF onto a stack (PP. 10-11, "Additional Sensitive 
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Instructions", PUSHF - Push Flags; Sec. 15.4.2 "Virtualizing the Interrupt-Enable 
Flag", 1 st Par.). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of V86 into the 
Robin's system to further provide the computer-readable instructions further 
comprising a synthetic instruction (e.g., VMPUSHFD) that pushes IF onto a stack 
in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating V86's §ystem which offers significant 
advantages for forming a "virtual machine" with which to execute an 8086 
program; a complete virtual machine consists not only of 80386 hardware but 
also of systems software; thus, the emulation of an 8086 is the result of 
cooperation between hardware and software as once suggested by V86 (P. 1, 1 st 
Par.). 

53. As to claim 56 (currently amended) (incorporating the rejection in claim 
52), Robin does not disclose the computer-readable instructions further 

■ 

comprising a synthetic instruction (e.g., VMPOPFD) that pops IF off of a stack. 

However, in an analogous art of Virtual 8088 Mode, V86 discloses the 
computer-readable instructions further comprising a synthetic instruction (e.g., 
VMPOPFD) that pops IF off of a stack (PP. 10-11, "Additional Sensitive 
Instructions", POPF - Pop Flags; Sec. 15.4.2 "Virtualizing the Interrupt-Enable 
Flag", 1 st Par.). 
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Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of V86 into the 
Robin's system to further provide the computer-readable instructions further 
comprising a synthetic instruction (e.g., VMPOPFD) that pops IF off of a stack in 
Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating V86's system which offers significant 
advantages for forming a "virtual machine" with which to execute an 8086 
program; a complete virtual machine consists not only of 80386 hardware but 
also of systems software; thus, the emulation of an 8086 is the result of 
cooperation between hardware and software as once suggested by V86 (P. 1, 1 st 
Par.). 

■ 

54. As to claim 61 (currently amended) (incorporating the rejection in claim 
52), Robin does not disclose the computer-readable instructions further 
comprising a synthetic instruction (e.g., VMCLI) that clears a virtualized IF. 

However, in an analogous art of Virtual 8088 Mode, V86 discloses the 
computer-readable instructions further comprising a synthetic instruction (e.g., 
VMCLI) that clears a virtualized IF (PP. 10-11, "Additional Sensitive Instructions", 
CLI - Clear Interrupt-Enable Flag; STI - Set Interrupt-Enable Flag; PP. 11-12, 
"Virtualizing the Interrupt-Enable Flag", 1 st Par. -2 nd Par.). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 

■ 

the time the invention was made to combine the teachings of V86 into the 
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Robin's system to further provide the computer-readable instructions further 
comprising a synthetic instruction (e.g., VMCLI) that clears a virtualized IF in 
Robin system. 

. The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating V86's system which offers significant 
advantages for forming a "virtual machine" with which to execute an 8086 
program; a complete virtual machine consists not only of 80386 hardware but 

* 

also of systems software; thus, the emulation of an 8086 is the result of 
cooperation between hardware and software as once suggested by V86 (P. 1 , 1 st 
Par.). 

55. As to claim 62 (currently amended) (incorporating the rejection in claim 
52), Robin does not disclose the computer-readable instructions further 
comprising a synthetic instruction (e.g., VMSTI) that sets a virtualized IF. 

However, in an analogous art of Virtual 8088 Mode, V86 discloses the 
computer-readable instructions further comprising a synthetic instruction (e.g., 
VMSTI) that sets a virtualized IF (PP. 10-11, "Additional Sensitive Instructions", 
CLI - Clear Interrupt-Enable Flag; STI - Set Interrupt-Enable Flag; PP. 11-12, 
"Virtualizing the Interrupt-Enable Flag", 1 st Par. - 2 nd Par.). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of V86 into the 

« » 

Robin's system to further provide the computer-readable instructions further 
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comprising a synthetic instruction (e.g., VMSTI) that sets a virtualized IF in Robin 
system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating V86's system which offers significant 
advantages for forming a "virtual machine" with which to execute an 8086 
program; a complete virtual machine consists not only of 80386 hardware but 
also of systems software; thus, the emulation of an 8086 is the result of 
cooperation between hardware and software as once suggested by V86 (P. 1, 1 st 
Par.). 

56. Claims 13, 41-42, 54, and 63 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Robin in view of Lawton. 

57. As to claim 13 (original) (incorporating the rejection in claim 3), Robin 
does not disclose the method wherein a CPUID instruction in the guest operating 
system is replaced with a synthetic instruction (e.g., VMCPUID) that reads 
virtualized CPUID information. 

However, in an analogous art of exploiting reflection in mobile computing 
middleware, Lawton discloses the method wherein a CPUID instruction in the 
guest operating system is replaced with a synthetic instruction (e.g., VMCPUID) 
that reads virtualized CPUID information (P. 2, Lines 45-47 - information of the 
host processor as returned by the CUPID; P. 17, Lines 729-740 - set the guest 
CUPID info.; P. 19, Lines 832-835 - a pointer to the guest CPU state as passed 
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from host-user space; P. 22, Lines 968-988 - CPU ID emulation vs. virtual ization 
match; P. 26, Lines 1 168-1 176 - a pointer to the guest CPU state saved on the 
monitor stack; P. 28, Lines 1246-1259; P. 35, Lines 1571-1572) 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Lawton into the 
Robin's system to further provide the method wherein a CPU ID instruction in the 
guest operating system is replaced with a synthetic instruction (e.g., VMCPUID) 
that reads virtualized CPU ID information in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating Lawton's system which contains the top- 
level monitor accessible from the host space (kernel independent code) as once 
suggested by Lawton (P. 1 , Lines 5-6). 

58. As to claim 41 (original) (incorporating the rejection in claim 29), Robin 
does not disclose the system further comprising a subsystem for determining 
whether said system is running on a virtualized processor or running directly on 
an x86 processor, said subsystem comprising: a subsystem for executing a 
synthetic instruction (e.g., VMCPUID) for returning a value representing an 
identity for features supported by the central processing unit; and a subsystem 
for determining if a value is returned and (a) if so, concluding that the operating 
system is running on a virtualized processor, and thereafter utilize synthetic 
instructions, and (b) if not, concluding that the operating system is running 
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directly on an x86 processor, and thereafter refrain from utilizing synthetic 
instructions. 

However, in an analogous art of exploiting reflection in mobile computing 
middleware, Lawton discloses the system further comprising a subsystem for 
determining whether said system is running on a virtualized processor or running 
directly on an x86 processor, said subsystem comprising: a subsystem for 
executing a synthetic instruction (e.g., VMCPUID) for returning a value 
representing an identity for features supported by the central processing unit; and 
a subsystem for determining if a value is returned and (a) if so, concluding that 
the operating system is running on a virtualized processor, and thereafter utilize 
synthetic instructions, and (b) if not, concluding that the operating system is 
running directly on an x86 processor, and thereafter refrain from utilizing 
synthetic instructions (P. 2, Lines 45-47 - information of the host processor as 
returned by the CUPID; P. 17, Lines 729-740 - set the guest CUPID info.; P. 19, 
Lines 832-835 - a pointer to the guest CPU state as passed from host-user 
space; P. 22, Lines 968-988 - CPUID emulation vs. virilization match; P. 26, 
Lines 1 168-1 176 - a pointer to the guest CPU state saved on the monitor stack; 

* 

P. 28, Lines 1246-1259; P. 35, Lines 1571-1572). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Lawton into the 
Robin's system to further provide the system further comprising a subsystem for 
determining whether said system is running on a virtualized processor or running 
directly on an x86 processor, said subsystem comprising: a subsystem for 
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executing a synthetic instruction (e.g., VMCPUID) for returning a value 
representing an identity for features supported by the central processing unit; and 
a subsystem for determining if a value is returned and (a) if so, concluding that 
the operating system is running on a virtualized processor, and thereafter utilize 
synthetic instructions, and (b) if not, concluding that the operating system is 
running directly on an x86 processor, and thereafter refrain from utilizing 
synthetic instructions in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating Lawton's system which contains the top- 
level monitor accessible from the host space (kernel independent code) as once 
suggested by Lawton (P. 1 , Lines 5-6). 

59. As to claim 42 (original) (incorporating the rejection in claim 41 ), Lawton 
discloses the system further comprising a subsystem for accessing or modifying 
features or behaviors of the underlying virtual machine monitor if a value is 
returned (P. 2, Lines 45-47 - information of the host processor as returned by the 

> 

CUPID; P. 17, Lines 729-740 - set the guest CUPID info.; P. 19, Lines 832-835 - 
a pointer to the guest CPU state as passed from host-user space; P. 22, Lines 
968-988 - CPUID emulation vs. virtualization match; P. 26, Lines 1 168-1 176 - a 
pointer to the guest CPU state saved on the monitor stack; P. 28, Lines 1246- 
1259; P. 35, Lines 1571-1572). 
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60. As to claim 54 (currently amended) (incorporating the rejection in claim 
52), Robin does not disclose the computer-readable instructions further 
comprising a synthetic instruction (e.g., VMCPUID) for returning a value 
representing an identity for the central processing unit. 

However, in an analogous art of exploiting reflection in mobile computing 
middleware, Lawton discloses the computer-readable instructions further 
comprising a synthetic instruction (e.g., VMCPUID) for returning a value 
representing an identity for the central processing unit (P. 2, Lines 45-47 - 
information of the host processor as returned by the CUPID; P. 17, Lines 729- 
740 - set the guest CUPID info:; P. 19, Lines 832-835 - a pointer to the guest 
CPU state as passed from host-user space; P. 22, Lines 968-988 - CPUID 
emulation vs. virtualization match; P. 26, Lines 1 168-1 176 - a pointer to the 
guest CPU state saved on the monitor stack; P. 28, Lines 1246-1259; P. 35, 
Lines 1571-1572). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Lawton into the 
Robin's system to further provide the computer-readable instructions further 
comprising a synthetic instruction (e.g., VMCPUID) for returning a value 
representing an identity for the central processing unit in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating Lawton's system which contains the top- 
level monitor accessible from the host space (kernel independent code) as once 
suggested by Lawton (P. 1 , Lines 5-6). 
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61. As to claim 63 (currently amended) (incorporating the rejection in claim 
52), Robin does not disclose the computer-readable instructions further 
comprising instructions for determining whether said instructions are running on a 
virtualized processor or running directly on an x86 processor, said instructions 
comprising: instructions for executing a synthetic instruction for returning a value 
representing an identity for the central processing unit; and instructions for 
determining if value corresponding to an identity for the central processing unit is 
returned and (a) if so, utilizing synthetic instructions, and (b) if not, suspending 
use of synthetic instructions. 

However, in an analogous art of exploiting reflection in mobile computing 
middleware, Lawton discloses the computer-readable instructions further 
comprising instructions for determining whether said instructions are running on a 
virtualized processor or running directly on an x86 processor, said instructions 
comprising: instructions for executing a synthetic instruction for returning a value 
representing an identity for the central processing unit; and instructions for 
determining if value corresponding to an identity for the central processing unit is 
returned and (a) if so, utilizing synthetic instructions, and (b) if not, suspending 
use of synthetic instructions (P. 2, Lines 45-47 - information of the host 
processor as returned by the CUPID; P. 17, Lines 729-740 - set the guest 
CUPID info.; P. 19, Lines 832-835 - a pointer to the guest CPU state as passed 
from host-user space; P. 22, Lines 968-988 - CPU ID emulation vs. virtualization 



Application/Control Number: 10/685,051 Page 
Art Unit: 2192 

match; P. 26, Lines 1 168-1 176 - a pointer to the guest CPU state saved on the 
monitor stack; P. 28, Lines 1246-1259; P. 35, Lines 1571-1572). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Lawton into the 
Robin's system to further provide the computer-readable instructions further 
comprising instructions for determining whether said instructions are running on a 
virtualized processor or running directly on an x86 processor, said instructions 
comprising: instructions for executing a synthetic instruction for returning a value 
representing an identity for the central processing unit; and instructions for 
determining if value corresponding to an identity for the central processing unit is 
returned and (a) if so, utilizing synthetic instructions, and (b) if not, suspending 
use of synthetic instructions in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating Lawton's system which contains the top- 
level monitor accessible from the host space (kernel independent code) as once 
suggested by Lawton (P. 1, Lines 5-6). 

62. Claims 14, 30, and 53 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Robin in view of Carlos et al. (User-Kernel Reactive Threads 
for Linux, Jan. 2003, SCI 2003, pp. 1-6) (hereinafter 'Carlos') 

63. As to claim 14 (original) (incorporating the rejection in claim 3), Robin 
does not disclose the method wherein at least one multi-processor spin lock 
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instruction in the guest operating system is supplemented with a synthetic 
instruction (e.g., VMSPLAF) for determining when a spin lock acquisition has 
failed. 

However, in an analogous art of User-Kernel Reactive Threads for Linux, 
Carlos discloses the method wherein at least one multi-processor spin lock 
instruction in the guest operating system is supplemented with a synthetic 
instruction (e.g., VMSPLAF) for determining when a spin lock acquisition has 
failed (Sec. 2 - Related Works, 2 nd Par. - in this model each user thread is 
associated to a virtual processor, an abstraction of a physical processor 
dedicated to only one activity. The kernel is able to change the number of virtual 
processors during the program execution, besides the kernel can communicate 
with the user level scheduler by means of a notification system..; Sub-sec. of 
"Virtual Processors"; Sec. 2 - Related Works, sub-sec. of "Synchronization", 1 st 
Par. - 2 nd Par. - spin locks and FIFO locks; a spin lock is a binary semaphore; 
the acquisition of the spin lock is based in a busy-wait cycle; the primitives in the 
API to manipulate the FIFO locks are: ukJockQ, uk_trylock(), and uk_unlock(), 
with a similar meaning as the primitives explained above for the spin locks). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Carlos into the 
Robin's system to further provide the method wherein at least one multi- 
processor spin lock instruction in the guest operating system is supplemented 
with a synthetic instruction (e.g., VMSPLAF) for determining when a spin lock 
acquisition has failed in Robin system. 
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The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating Carlos's system which offers significant 
advantages that a new general purpose model of user-kernel threads for Linux 
with excellent performance and scalability for as once suggested by Carlos (e.g., 
Abstract). 

64. As to claim 30 (original) (incorporating the rejection in claim 29), Robin 
does not disclose the system further comprising a subsystem whereby a 
synthetic instruction (e.g., VMSPLAF) for determining when a spin lock 
acquisition has failed is trapped and processed. 

However, in an analogous art of User-Kernel Reactive Threads for Linux, 

* 

Carlos discloses the system further comprising a subsystem whereby a synthetic 
instruction (e.g., VMSPLAF) for determining when a spin lock acquisition has 
failed is trapped and processed (Sec. 2 - Related Works, 2 nd Par. - in this model 
each user thread is associated to a virtual processor, an abstraction of a physical 
processor dedicated to only one activity. The kernel is able to change the number 
of virtual processors during the program execution, besides the kernel can 
communicate with the user level scheduler by means of a notification system..; 
Sub-sec. of "Virtual Processors"; Sec. 2 - Related Works, sub-sec. of 
"Synchronization", 1 st Par. - 2 nd Par. - spin locks and FIFO locks; a spin lock is a 
binary semaphore; the acquisition of the spin lock is based in a busy-wait cycle; 
the primitives in the API to manipulate the FIFO locks are: ukJockQ, uk__trylock(), 
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and uk_unlock(), with a similar meaning as the primitives explained above for the 
spin locks). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Carlos into the 
Robin's system to further provide the system further comprising a subsystem 
whereby a synthetic instruction (e.g., VMSPLAF) for determining when a spin 
lock acquisition has failed is trapped and processed in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating Carlos's system which offers significant 
advantages that a new general purpose model of user-kernel threads for Linux 
with excellent performance and scalability for as once suggested by Carlos (e.g., 
Abstract). 

65. As to claim 53 (currently amended) (incorporating the rejection in claim 
52), Robin does not disclose the computer-readable instructions further 
comprising instructions whereby at least one multi-processor spin lock instruction 
in the guest operating system is supplemented with a synthetic instruction (e.g., 
VMSPLAF) for determining when a spin lock acquisition has failed. 

However, in an analogous art of User-Kernel Reactive Threads for Linux, 
Carlos discloses the computer-readable instructions further comprising 
instructions whereby at least one multi-processor spin lock instruction in the 
guest operating system is supplemented with a synthetic instruction (e.g., 
VMSPLAF) for determining when a spin lock acquisition has failed (Sec. 2 - 
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Related Works, 2 nd Par. - in this model each user thread is associated to a virtual 
processor, an abstraction of a physical processor dedicated to only one activity. 
The kernel is able to change the number of virtual processors during the program 
execution, besides the kernel can communicate with the user level scheduler by 
means of a notification system..; Sub-sec. of "Virtual Processors"; Sec. 2 - 
Related Works, sub-sec. of "Synchronization", 1 st Par. - 2 nd Par. - spin locks and 
FIFO locks; a spin lock is a binary semaphore; the acquisition of the spin lock is 
based in a busy-wait cycle; the primitives in the API to manipulate the FIFO locks 
are: ukJockQ, ukJrylockQ, and ukjunlockQ, with a similar meaning as the 
primitives explained above for the spin locks). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Carlos into the 
Robin's system to further provide the computer-readable instructions further 
comprising instructions whereby at least one multi-processor spin lock instruction 
in the guest operating system is supplemented with a synthetic instruction (e.g., 
VMSPLAF) for determining when a spin lock acquisition has failed in Robin 
system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating Carlos's system which offers significant 
advantages that a new general purpose model of user-kernel threads for Linux 
with excellent performance and scalability for as once suggested by Carlos (e.g., 
Abstract). 
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66. Claims 6, 9, 24, and 40 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Robin in view of Cota-Robles et al. (Pat. No. US 7,191,440 
B2) (hereinafter 'Cota-Robles') 

i 

67. As to claim 6 (original) (incorporating the rejection in claim 3), Robin does 
not disclose the method wherein said synthetic instruction has no corollary to an 
existing x86 instruction. 

However, in an analogous art of tracking operating system process and 
thread execution and virtual machine execution in hardware or in a virtual 
machine monitor, Cota-Robles discloses the method wherein said synthetic 
instruction has no corollary to an existing x86 instruction (Col. 6, Lines 9-14; Col. 
9, Lines 49-55). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Cota-Robles into 
the Robin's system to further provide the method wherein, for an instruction that 
is replaced with a synthetic instruction, the synthetic instruction is semantically 
similar to the instruction that is being replaced in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating Cota-Robles' system which offers 
significant advantages that the virtual machine monitor derives scheduling 
information from the transitions to enable a virtual machine system to guarantee 
adequate scheduling quality of service to real-time applications executing in 
virtual machines that contain both real-time and non-real-time applications; a 
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parent virtual machine monitor in a recursive virtualization system can use the 
scheduling information to schedule a child virtual machine monitor that controls 
multiple virtual machines as once suggested by Cota-Robles (e.g., Abstract). 

68. As to claim 9 (original) (incorporating the rejection in claim 3), Robin does 
not disclose the method wherein, for an instruction that is replaced with a 
synthetic instruction, the synthetic instruction is semantically similar to the 
instruction that is being replaced. 

However, in an analogous art of tracking operating system process and 
thread execution and virtual machine execution in hardware or in a virtual 
machine monitor, Cota-Robles discloses the method wherein, for an instruction 
that is replaced with a synthetic instruction, the synthetic instruction is 
semantically similar to the instruction that is being replaced (Col. 6, Lines 9-14; 
Col. 9, Lines 49-55). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Cota-Robles into 
the Robin's system to further provide the method wherein, for an instruction that 
is replaced with a synthetic instruction, the synthetic instruction is semantically 
similar to the instruction that is being replaced in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating Cota-Robles 1 system which offers 
significant advantages that the virtual machine monitor derives scheduling 
information from the transitions to enable a virtual machine system to guarantee 
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adequate scheduling quality of service to real-time applications executing in 
virtual machines that contain both real-time and non-real-time applications; a 
parent virtual machine monitor in a recursive virtualization system can use the 
scheduling information to schedule a child virtual machine monitor that controls 
multiple virtual machines as once suggested by Cota-Robles (e.g., Abstract). 

69. As to claim 24 (original) (incorporating the rejection in claim 3), Robin 
does not disclose the method wherein a synthetic instruction for halting the 
processor (e.g., VMHALT) can be executed as user-level guest code. 

However, in an analogous art of tracking operating system process and 
thread execution and virtual machine execution in hardware or in a virtual 
machine monitor, Cota-Robles discloses the method wherein a synthetic 
instruction for halting the processor (e.g., VMHALT) can be executed as user- 
level guest code (Col. 6, Lines 9-14 - the VMM can also detect the frequency 
with which a guest OS enters and idle loop, i.e., has no useful work to do by 
detecting halt instructions; because the VMM detects process and thread 
switches at the operating system and application levels, it can calculate its 
scheduling for a VM at granularities beneath the whole VM; Col. 9, Lines 49-55; 
Col. 1 1 , Lines 44-48 - the parent VMM would still track halt instructions as well, 
but the idle detector would now receive idle indications at, for example, the 
granularity of VMs of the child VMM (i.e., VMs inside a VM). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Cota-Robles into 
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the Robin's system to further provide the method wherein a synthetic instruction 
for halting the processor (e.g., VMHALT) can be executed as user-level guest 
code in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating Cota-Robles' system which offers 
significant advantages that the virtual machine monitor derives scheduling 
information from the transitions to enable a virtual machine system to guarantee 
adequate scheduling quality of service to real-time applications executing in 
virtual machines that contain both real-time and non-real-time applications; a 
parent virtual machine monitor in a recursive virtualization system can use the 
scheduling information to schedule a child virtual machine monitor that controls 
multiple virtual machines as once suggested by Cota-Robles (e.g., Abstract). 

70. As to claim 40 (original) (incorporating the rejection in claim 29), Robin 
does not disclose the system further comprising a subsystem for processing a 
synthetic instruction for halting the processor (e.g., VMHALT) can be executed as 
user-level guest code. 

However, in an analogous art of tracking operating system process and 
thread execution and virtual machine execution in hardware or in a virtual 
machine monitor, Cota-Robles discloses the system further comprising a 
subsystem for processing a synthetic instruction for halting the processor (e.g., 
VMHALT) can be executed as user-level guest code (Col. 6, Lines 9-14 - the 
VMM can also detect the frequency with which a guest OS enters and idle loop, 
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i.e., has no useful work to do by detecting halt instructions; because the VMM 
detects process and thread switches at the operating system and application 
levels, it can calculate its scheduling for a VM at granularities beneath the whole 
VM; Col. 9, Lines 49-55; Col. 1 1 , Lines 44-48 - the parent VMM would still track 
halt instructions as well, but the idle detector would now receive idle indications 
at, for example, the granularity of VMs of the child VMM (i.e., VMs inside a VM). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Cota-Robles into 
the Robin's system to further provide the system comprising a subsystem for 
processing a synthetic instruction for halting the processor (e.g., VMHALT) can 
be executed as user-level guest code in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating Cota-Robles' system which offers 
significant advantages that the virtual machine monitor derives scheduling 
information from the transitions to enable a virtual machine system to guarantee 
adequate scheduling quality of service to real-time applications executing in 
virtual machines that contain both real-time and non-real-time applications; a 
parent virtual machine monitor in a recursive virtualization system can use the 
scheduling information to schedule a child virtual machine monitor that controls 
multiple virtual machines as once suggested by Cota-Robles (e.g., Abstract). 

71 . Claim 49 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Robin in view of V86 and further in view of Carlos. 
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72. As to claim 49 (original) (incorporating the rejection in claim 46), Robin 
and V86 do not disclose the system wherein said synthetic instructions further 
comprise a synthetic instruction for determining when a spin lock acquisition has 
failed is trapped and processed. 

However, in an analogous art of User-Kernel Reactive Threads for Linux, 
Carlos discloses the system wherein said synthetic instructions further comprise 
a synthetic instruction for determining when a spin lock acquisition has failed is 
trapped and processed (Sec. 2 - Related Works, 2 nd Par. - in this model each 
user thread is associated to a virtual processor, an abstraction of a physical 
processor dedicated to only one activity. The kernel is able to change the number 
of virtual processors during the program execution, besides the kernel can 
communicate with the user level scheduler by means of a notification system..; 
Sub-sec. of "Virtual Processors"; Sec. 2 - Related Works, sub-sec. of 
"Synchronization", 1 st Par. - 2 nd Par. - spin locks and FIFO locks; a spin lock is a 
binary semaphore; the acquisition of the spin lock is based in a busy-wait cycle; 
the primitives in the API to manipulate the FIFO locks are: ukJockQ, uk_trylock(), 
and uk_unlock(), with a similar meaning as the primitives explained above for the 
spin locks). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Carlos into the 

* 

Robin-V86's system to further provide the system wherein said synthetic 
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instructions further comprise a synthetic instruction for determining when a spin 
lock acquisition has failed is trapped and processed in Robin-V86 system. 

The motivation is that it would further enhance the Robin-V86's system by 
taking, advancing and/or incorporating Carlos's system which offers significant 
advantages that a new general purpose model of user-kernel threads for Linux 
with excellent performance and scalability for as once suggested by Carlos (e.g., 
Abstract). 

73. Claim 50 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Robin in view of V86 and further in view of Lawton. 

74. As to claim 50 (original) (incorporating the rejection in claim 46), Robin 
and V86 do not disclose the system wherein said synthetic instructions further 
comprise a synthetic instruction (e.g., VMCPUID) for returning a value 
representing an identity for the central processing unit. 

However, in an analogous art of exploiting reflection in mobile computing 
middleware, Lawton discloses the system wherein said synthetic instructions 
further comprise a synthetic instruction (e.g., VMCPUID) for returning a value 
representing an identity for the central processing unit (P. 2, Lines 45-47 - 
information of the host processor as returned by the CUPID; P. 17, Lines 729- 
740 - set the guest CUPID info.; P. 19, Lines 832-835 - a pointer to the guest 
CPU state as passed from host-user space; P. 22, Lines 968-988 - CPUID 
emulation vs. virtualization match; P. 26, Lines 1 168-1 176 - a pointer to the 
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guest CPU state saved on the monitor stack; P. 28, Lines 1246-1259; P. 35, 
Lines 1571-1572) 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Lawton into the 
Robin-V86's system to further provide the system wherein said synthetic 
instructions further comprise a synthetic instruction (e.g., VMCPUID) for returning 

o 

a value representing an identity for the central processing unit in Robin-V86 
system. 

The motivation is that it would further enhance the Robin-V86's system by 
taking, advancing and/or incorporating Lawton's system which contains the top- 
level monitor accessible from the host space (kernel independent code) as once 
suggested by Lawton (P. 1 , Lines 5-6). 

75. Claim 66 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Robin in view of Lawton, Carlos and further in view of V86. 

76. As to claim 66 (original), Robin discloses a method for optimizing a guest 
operating system to improve processor virtualization when executing on x86 
processor architectures and their equivalents, including but not limited to the 
IA32 architecture, said method comprising removing, replacing, or supplementing 
instances of one or more of the following predefined instructions in the guest 
operating system: PUSH CS, PUSH SS (P. 24, Sec. 3 - PUSH Instruction, Lines 
1-5 - this can not be allowed because bits 0 and 1 of the CS and SS register 
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contain the CPL of the current executing task), MOV from SS (P. 26, Sec. 5 - 
STR Instruction, 2 nd Para, - this is a problem because the CS and SS registers 
both contain the CPL in bits 0 and 1 . therefore, a task could store the CS or SS in 
a general-purpose register and examine the contents of that register to find that 
is not operating at the correct privilege level), CALLF (P. 24, Sec. 4 - CALL, 
JMP, INT n, RET Instructions, 1 st Para - task switches and far calls to different 
privilege levels are problems because they involve the CPL, DPL, and RPL of the 
Intel protection system), VERR, VERW, and LAR (P. 23, Sec. 1 - LAR, LSL, 
VERR, VERW Instructions, the LAR instruction loads access rights from a 
segment descriptor into a general purpose register; the VERR and VERW 
instructions verify whether a code or data segment is readable or writable from 
the current privilege level. The problem with these instructions is that they all 
perform the following check during their execution: (CPL > DPL) or (RPL > DPL); 
this conditional checks to ensure that the current privilege level and the 
requested privilege level are both greater than the descriptor privilege level. This 
is a problem because a VM normally does not execute at the highest CPL); 
replacing SGDT instructions in the guest operating system with synthetic 
instructions (e.g., VMSGDT) for storing a current GDT base and length to EAX; 
replacing SLOT instructions in the guest operating system with synthetic 
instructions (e.g., VMSLDT) for storing a current LDT selector to EAX; replacing 
SIDT instructions in the guest operating system with synthetic instructions (e.g., 
VMS IDT) for storing a current IDT base and length to EAX (P. 19-20, Sec. 1 - 
SGDT, SIDT, and SLDT Instructions, 1 st Para. - 2 nd Para., the GDT and LDT 
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contain segment descriptors that provide the base address, access rights, type, 
length, and usage information for each segment; the interrupt descriptor table 
(IDT) is similar to the GDT and LDT, but it holds gate descriptors that provide 

* 

access to interrupt and exception handlers; All three of these instructions (SGDT, 
SLDT, SIDT) store a special register value into some location. The SGDT 
instruction stores the contents of GDTR in a 6-byte memory location; the SLDT 
instruction stores the segment selector from the LDTR in a 16- or 32-bit general- 
purpose register or memory location; The SIDT instruction stores the contents of 
IDTR in a 6-byte memory location; these instructions are normally only used by 
operating systems but are not privileged in the Intel architecture. Since the Intel 
processor only has one LDTR, IDTR, and GDTR, a problem arises when multiple 
operating systems try to use the same registers. If an OS in a VM uses SGDT, 
SLDT, or SIDT to reference the contents of the IDTR, LDTR, or GDTR, the 
register contents that are applicable to the host OS or Type I VMM will be given. 
This could cause a problem if an operating system of a virtual machine (VMOS) 
tries to use these values for its own operations since they are what the VMOS 
expect. Therefore, a Type 1 VMM or Type II VMM must provide each VM with its 
own virtual set of IDTR, LDTR, and GDTR registers); replacing STR instructions 
in the guest operating system with synthetic instructions (e.g., VMSTR) for 
storing the current TR selector to EAX (P. 26, Sec. 5 - STR Instruction, 1 st Para. 
- this instruction prevents virtualization because it allows a task to examine its 
requested privilege level (RPL). Every segment selector contains an index into 
the GDT or LDT, a table indicator, and an RPL. The RPL is represented by bit 0 
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and bit 1 of the segment selectors. This is a problem because a VM does not 
execute at the highest CPL or RPL (RPL = 0), but a RPL = 3.However, most 
operating systems assume that they are operating at the highest privilege level 
and that they can access any segment descriptor. Therefore, if a VM running at a 
CPL and RPL of 3 uses the STR to store the contents of the task register and 
then examines the information, it will find that it is not running at the privilege 
level at which it expects to run); 

Robin does not disclose replacing CPUID instructions in the guest 
operating system with synthetic instructions (e.g., VMCPUID) that reads 
virtualized CPUID information. 

However, in an analogous art of exploiting reflection in mobile computing 
middleware, Lawton discloses replacing CPUID instructions in the guest 
operating system with synthetic instructions (e.g., VMCPUID) that reads 
virtualized CPUID information (P. 2, Lines 45-47 - information of the host 
processor as returned by the CUPID; P. 17, Lines 729-740 - set the guest 
CUPID info.; P. 19, Lines 832-835 - a pointer to the guest CPU state as passed 
from host-user space; P. 22, Lines 968-988 - CPUID emulation vs. virtualization 
match; P. 26, Lines 1 168-1 176 - a pointer to the guest CPU state saved on the 
monitor stack; P. 28, Lines 1246-1259; P. 35, Lines 1571-1572) 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Lawton into the 
Robin's system to further provide replacing CPUID instructions in the guest 
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operating system with synthetic instructions (e.g., VMCPUID) that reads 
virtualized CPUID information in Robin system. 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating Lawton's system which contains the top- 
level monitor accessible from the host space (kernel independent code) as once 
suggested by Lawton (P. 1, Lines 5-6). 

Further Robin and Lawton do not disclose supplementing spin lock 
instructions in the guest operating system with synthetic instructions (e.g., 
VMSPLAF) for determining when a spin lock acquisition has failed. 

However, in an analogous art of User-Kernel Reactive Threads for Linux, 
Carlos discloses supplementing spin lock instructions in the guest operating 
system with synthetic instructions (e.g., VMSPLAF) for determining when a spin 
lock acquisition has failed (Sec. 2 - Related Works, 2 nd Par. - in this model each 
user thread is associated to a virtual processor, an abstraction of a physical 
processor dedicated to only one activity. The kernel is able to change the number 
of virtual processors during the program execution, besides the kernel can 
communicate with the user level scheduler by means of a notification system..; 
Sub-sec. of "Virtual Processors"; Sec. 2 - Related Works, sub-sec. of 
"Synchronization", 1 st Par. - 2 nd Par. - spin locks and FIFO locks; a spin lock is a 
binary semaphore; the acquisition of the spin lock is based in a busy-wait cycle; 
the primitives in the API to manipulate the FIFO locks are: ukJockQ, uk_Jrylock(), 
and uk_unlock(), with a similar meaning as the primitives explained above for the 
spin locks). 



• Application/Control Number: 10/685,051 Page 71 

Art Unit: 2192 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Carlos into the 
Robin-Lawton's system to further provide the method wherein at least one multi- 
processor spin lock instruction in the guest operating system is supplemented 
with a synthetic instruction (e.g., VMSPLAF) for determining when a spin lock 
acquisition has failed in Robin-Lawton system. 

The motivation is that it would further enhance the Robin-Lawton's system 
by taking, advancing and/or incorporating Carlos's system which offers significant 
advantages that a new general purpose model of user-kernel threads for Linux 
with excellent performance and scalability for as once suggested by Carlos (e.g., 
Abstract). 

Furthermore Robin, Lawton and Carlos do not disclose replacing 
PUSHF(D) instructions in the guest operating system with synthetic instructions 
(e.g., VMPUSHFD) for pushing IF onto a stack; replacing POPF(D) instructions in 
the guest operating system with synthetic instructions (e.g., VMPOPFD) for 
popping IF off of a stack; replacing CLI instructions in the guest operating system 
with synthetic instructions (e.g., VMCLI) for clearing a virtualized IF; replacing 
STI instructions in the guest operating system with synthetic instructions (e.g., 
VMSTI) for setting a virtualized IF. 

However, in an analogous art of Virtual 8088 Mode, V86 discloses 
replacing PUSHF(D) instructions in the guest operating system with synthetic 
instructions (e.g., VMPUSHFD) for pushing IF onto a stack; replacing POPF(D) 
instructions in the guest operating system with synthetic instructions (e.g., 
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VMPOPFD)for popping IF off of a stack; replacing CLI instructions in the guest 
operating system with synthetic instructions (e.g., VMCLI) for clearing a 

i 

virtualized IF; replacing STI instructions in the guest operating system with 
synthetic instructions (e.g., VMSTI) for setting a virtualized IF. 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of V86 into the Robin- 
Lawton-Carlos' system to further replacing PUSHF(D) instructions in the guest 
operating system with synthetic instructions (e.g., VMPUSHFD) for pushing IF 
onto a stack; replacing POPF(D) instructions in the guest operating system with 
synthetic instructions (e.g., VMPOPFD) for popping IF off of a stack; replacing 
CLI instructions in the guest operating system with synthetic instructions (e.g., 
VMCLI) for clearing a virtualized IF; replacing STI instructions in the guest 
operating system with synthetic instructions (e.g., VMSTI) for setting a virtualized 
IF in Robin-Lawton-Carlos system. 

The motivation is that it would further enhance the Robin-Lawton-Carlos , 
system by taking, advancing and/or incorporating V86's system which offers 
significant advantages for forming a "virtual machine" with which to execute an 
8086 program; a complete virtual machine consists not only of 80386 hardware 
but also of systems software; thus, the emulation of an 8086 is the result of 
cooperation between hardware and software as once suggested by V86 (P. 1, 1 st 
Par.). 
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77. Claims 10-12 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Robin in view of A. Tamches (Fine-Grained Dynamic Instrumentation of 
Commodity Operation System, May, 2001, University of Wisconsin - Madison) 
(hereinafter Tamches') and further in view of V86. 

■ 

78. As to claim 10 (original) (incorporating the rejection in claim 9), Robin 
does not disclose the method wherein an instruction of less than five bytes in 
length is replaced with a synthetic instruction of at least five bytes in length (e.g., 
to facilitate patching). 

However, in an analogous art of exploiting reflection in mobile computing 

■ 

middleware, Tamches discloses the method wherein an instruction of less than 
five bytes in length is replaced with a synthetic instruction of at least five bytes in 
length (e.g., to facilitate patching). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of Tamches into the 
Robin's system to further provide the method wherein an instruction of less than 
five bytes in length is replaced with a synthetic instruction of at least five bytes in 
length (e.g., to facilitate patching) in Robin system (Sec. 4.6.1 - Splicing on 
Architectures Having Variable Length Instructions, 1 st Par.) 

♦ 

The motivation is that it would further enhance the Robin's system by 
taking, advancing and/or incorporating Tamches's system which offers significant 
advantages for dynamic (runOtime) kernel instrumentation and its applications in 
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the areas of kernel profiling and code evolution as once suggested by Tamches 
(Abstract, 1 st Par.). 

79. As to claim 11 (original) (incorporating the rejection in claim 10), Robin 
and Tamches do not disclose the method wherein an STI instruction is replaced 
with a synthetic instruction that is at least five bytes long (e.g., VMSTI). 

However, in an analogous art of Virtual 8088 Mode, V86 discloses the 
method wherein an STI instruction is replaced with a synthetic instruction that is 
at least five bytes long (e.g., VMSTI) (PP. 10-11, "Additional Sensitive 
Instructions", CLI - Clear Interrupt-Enable Flag; STI - Set Interrupt-Enable Flag; 
PP. 11-12, "Virtualizing the Interrupt-Enable Flag", 1 st Par. -2 nd Par.). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of V86 into the Robin- 
Tamches's system to further provide the method wherein an STI instruction is 
replaced with a synthetic instruction that is at least five bytes long (e.g., VMSTI) 
in Robin-Tamches system. 

The motivation is that it would further enhance the Robin-Tamches's 
system by taking, advancing and/or incorporating V86's system which offers 
significant advantages for forming a "virtual machine" with which to execute an 
8086 program; a complete virtual machine consists not only of 80386 hardware 
but also of systems software; thus, the emulation of an 8086 is the result of 
cooperation between hardware and software as once suggested by V86 (P. 1 , 1 st 
Par.). 
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80. As to claim 12 (original) (incorporating the rejection in claim 10), Robin 
and Tamches do not disclose the method wherein a CLI instruction is replaced 
with a synthetic instruction that is at least five bytes long (e.g., VMCLI). 

However, in an analogous art of Virtual 8088 Mode, V86 discloses the 
method wherein a CLI instruction is replaced with a synthetic instruction that is at 
least five bytes long (e.g., VMCLI) (PP. 10-11, "Additional Sensitive Instructions", 
CLI - Clear Interrupt-Enable Flag; STI - Set Interrupt-Enable Flag; PP. 11-12, 
"Virtualizing the Interrupt-Enable Flag", 1 st Par. - 2 nd Par.). 

Therefore, it would have been obvious to one of ordinary skill in the art, at 
the time the invention was made to combine the teachings of V86 into the Robin- 
Tamches's system to further provide the method wherein a CLI instruction is 
replaced with a synthetic instruction that is at least five bytes long (e.g., VMCLI) 
in Robin-Tamches system. 

The motivation is that it would further enhance the Robin-Tamches's 
system by taking, advancing and/or incorporating V86's system which offers 
significant advantages for forming a "virtual machine" with which to execute an 
8086 program; a complete virtual machine consists not only of 80386 hardware 
but also of systems software; thus, the emulation of an 8086 is the result of 
cooperation between hardware and software as once suggested by V86 (P. 1 , 1 st 

Par.). 
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Allowable Subject Matter 

81 . Claims 27, 43, 51 and 64 are objected to as being dependent upon a 
rejected base claim, but would be allowable if rewritten to overcome the 
rejections 35 U.S.C 101 and/or 35 U.S.C. 102(a) and/or 35 U.S.C. 102(b) and/or 
35 U.S.C. 103(a) set forth in this office action and to include all the limitations of 
the base claim and any intervening claims. 

The following is an examiner's statement of reasons for allowance: 
Regarding claims 27, 43, 51 and 64, prior art of record fails to reasonably 
show or suggest the synthetic instruction (e.g., VMCPUID) has the hexadecimal 
operation code as "OF C7 C8 01 00". 

Any comments considered necessary by applicant must be submitted no 
later than the payment of the issue fee and, to avoid processing delays, should 
preferably accompany the issue fee. Such submissions should be clearly labeled 
"Comments on Statement of Reasons for Allowance." 



Conclusion 

82. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

• Robin et al., "Analysis of the Intel Pentium's Ability to Support a Secure 
Virtual Machine Monitor", Aug. 14, 2000, USENIX, pp. 1-17 
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• K. P. Lawton, "Running Multiple Operating Systems Concurrently on 

< 

an IA32 PC using Virilization Techniques", Nov. 29, 1999, pp. 1-44 

• Lueh et al., "Method and Apparatus for Reducing the Overhead of 
Virtual Method Invocations" (Pat. No. US 6,658,657 B1) 

• Rautenbach et al., "Method and Structure for Reducing Search Times" 
(Pub. No. US 2002/016,5848 A1) 

t 

• Traut et al., "Systems and Methods for Improving the X86 Architecture 
for Processor Virtualization, and Software Systems and Methods for 
Utilizing the Improvements" (Pub. No. US 2005/0076186 A1 ) 

• Traut et al., "Method for Monitoring and Emulating Privileged 
Instructions of Programs in a Virtual Machine" (Pub. No. US 
2004/0025158 A1) 

• Vega et al., "Systems and Methods for Instruction Sequence 
Compounding in a Virtual Machine Environment" (Pub. No. US 
2005/0080753 A1) 

83. Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Ben C. Wang whose telephone number is 
571-270-1240. The examiner can normally be reached on Monday - Friday, 8:00 
a.m. - 5:00 p.m., EST. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Tuan Q. Dam can be reached on 571-272-3695. The fax 
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phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). If you would like assistance from a USPTO Customer Service 
Representative or access to the automated information system, call 800-786- 
9199 (IN USA OR CANADA) or 571-272-1000. 
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